We prioritize your privacy and are deeply committed to enhancing transparency and fairness in our handling of your personal data. This Privacy Policy outlines how Cally, including its affiliated companies, collects, stores, utilizes, and shares personal data concerning individuals (referred to as "you") who: (i) interact with our websites ("Visitors"), accessible at www.cally.one or any other platform, webpage, email, text message, or online advertisement under our administration (collectively referred to as "Sites"); (ii) utilize our SaaS platform, whether as end-users on behalf of our corporate clients ("Users"; collectively with the Sites, the "Service").
We urge you to carefully review this Privacy Policy to fully comprehend and consent to its terms. If you do not agree with this Privacy Policy, kindly refrain from using our Services.
You are not obligated by law to furnish us with any Personal Data (as defined below), and you may choose to do so, or abstain from doing so, of your own volition.
If you opt not to provide us with such Personal Data or have it processed by us or any of our Service Providers (as defined below), kindly refrain from accessing our Sites or utilizing our Service. Additionally, you have the option to withhold "optional" Personal Data; however, please be aware that doing so may limit our ability to provide you with the complete range of our services or the optimal user experience while using our Service.
We gather diverse forms of personal data pertaining to both our Users and Visitors to our Sites. This data is typically acquired and produced through your interactions with us or our Service, through automated methods, directly from you, from other Users, from our clients, or from other third parties (inclusive of Service Providers and “Cookies,” as later defined).
Specifically, we accumulate the following categories of data (deemed as "Personal Data" to the extent it relates to an identified or identifiable individual):
Data Automatically Collected or Generated: When you engage with or utilize our Service, we may collect, log, or generate certain technical data about you. This is done either independently or in collaboration with third-party Service Providers (as defined in Section 4 below), utilizing tools like “cookies” and other tracking technologies (as elaborated in Section 5 below). This data includes connectivity, technical, and aggregated usage data such as IP addresses, approximate geographical locations, device specifications (like type, operating system, mobile device ID, browser version, locale, and language settings), timestamps of usage, installed or utilized cookies and pixels, and recorded activities (sessions, clicks, and other interactions) of Visitors and Users concerning our Service. Moreover, phone calls (e.g., with our customer success or product consultants) may be automatically recorded, tracked, and analyzed for purposes including analytics, service enhancement, operational efficiency, business quality control, and record-keeping purposes.
User Data Received from You: Upon contacting us, signing up for the Service, requesting a demo, or subscribing to our Solution, you may furnish us with Personal Data such as your name, address, billing information, account login details (email addresses hashed immediately upon receipt and passwords), and any images you choose to provide, along with other data you opt to provide during your use of our Service or interactions with us. Additionally, when logged into our Service, you may submit further details and documentation about yourself, including but not limited to employee ID, job title, and other information aimed at optimizing your usage of the Service (collectively termed as “User Data”). If you register for any of our events, you may provide additional details such as eligibility, preferences, experience related to Cally and its Solutions, meal or accommodation preferences, and other pertinent information. Furthermore, you may provide us with additional information about your company or employer, such as billing details, business needs, and preferences, which, if concerning a non-human entity, are not considered "Personal Data" and are not subject to this Privacy Policy.
User Data Received from Our Customers and Users: Our customers and Users may supply us with contact details of their employees, team members, and colleagues, facilitating our communication, invitations, or subscription of such individuals as Users to our Service. Typically, this data includes names, phone numbers, and work email addresses.
Data Received from Other Third Parties: We may receive Personal Data about you from various sources. For instance, if you partake in an event, webinar, or promotion sponsored or participated in by us, we may receive your Personal Data from the organizers. Additionally, we may obtain your contact and professional details (e.g., name, company, position, contact details, and work position) from business partners, service providers, or through commonly used tools and channels for business networking and exploration of potential opportunities, such as LinkedIn and other data sources.
It's noteworthy that we do not receive or retain passwords for any third-party services (although we may typically require your API key for integration purposes).
Data Obtained through Analytics Tools: We utilize analytics tools (e.g., Google Analytics and Hotjar) to gather data about the usage of our Sites and Service. These tools collect data such as the frequency of visits or usage of the Sites or Service, specific pages visited, timing of visits, and the source of website, ad, or email referrals.
We utilize Personal Data for several essential purposes, including ensuring the performance of our Service, complying with legal and contractual obligations, and advancing our legitimate interests in enhancing and refining our Service. These legitimate interests include comprehending usage patterns of our Service and the effectiveness of our campaigns, enabling more efficient resource allocation in marketing, advertising, and sales efforts, refining customer service and technical support, and safeguarding the interests of our Users, customers, Visitors, and ourselves, as well as the broader public and our Service.
If you reside in a jurisdiction where privacy laws necessitate "consent" as the primary or most appropriate legal basis for processing Personal Data, your acceptance of this Privacy Policy will be considered as consent to process your Personal Data for all purposes outlined herein. Should you wish to revoke this consent, please contact us via email at: contact@cally.one.
Specifically, we use Personal Data for the following purposes:
We do not sell your personal information for the purposes of the California Consumer Privacy Act (CCPA).
Data Location: Your Personal Data is processed and stored by us and our authorized Service Providers in AWS servers located in the US. Additionally, we may retain your Personal Data in other locations as necessary for the efficient functioning and delivery of our Service, or as mandated by law. Cally's headquarters are situated in Israel, a jurisdiction recognized by the European Commission for providing adequate protection for the Personal Data of EU Member State residents.
Data Retention: We will keep your Personal Data for a period deemed reasonably necessary to maintain and enhance our relationship with you, deliver our Service and offerings, comply with legal and contractual obligations, and safeguard against potential disputes. This includes adhering to laws governing log-keeping, records, and bookkeeping, ensuring we have evidence of our relationship in the event of legal issues arising post-termination. Data retention will not exceed 7 years from termination of our relevant customer's engagement with us, in accordance with applicable law. Please note, except as required by law or our agreements with you, we reserve the right to securely delete, anonymize, or restrict access to your Personal Data at our discretion and without prior notice.
For inquiries regarding our data retention policy, please reach out to us via email at privacy@cally.ai.
Legal Compliance: In extraordinary circumstances, we may disclose or grant government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant, court order, or similar legal requirement, or to comply with applicable laws and regulations. Such disclosure or access may occur if we have a genuine belief that: (a) we are legally compelled to do so; (b) disclosure is necessary in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is essential to protect the security or integrity of our products and services.
Service Providers: We may enlist selected third-party entities and individuals to provide services that complement our own. These service providers encompass a range of functions including hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, billing and payment processing services, fraud detection and prevention services, web analytics, e-mail distribution, marketing and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and enrichment services, social and advertising networks, content providers, e-mail, voicemails, support and customer relationship management systems, and our legal, compliance, and financial advisors (collectively referred to as "Service Providers"). These Service Providers may access your Personal Data based on their specific roles and purposes in supporting and enhancing our Service, and are only permitted to utilize it for such limited purposes as outlined in our agreements with them.
Our Service Providers are considered as ‘Data Processors’ when Cally acts as the ‘Data Controller’; and when Cally operates as the Data Processor for our customer, the Service Provider is deemed our ‘Sub-Processor’ (further detailed in Section 9 below).
Sharing Personal Data with our customers, their Users, and service providers: We may share your Personal Data with the customer who owns the account to which you are linked as a User (including data and communications related to your purchases). In such instances, sharing this data means that the Customer may access it on behalf of the customer, and will be able to monitor, process, and analyze your Personal Data. It's important to note that Cally is not responsible for nor does it control any further disclosure, use, or monitoring by or on behalf of the customer, who themselves acts as the “Data Controller” of such data (as further described in Section 9 below).
Protecting Rights and Safety: We may share your Personal Data with others if we genuinely believe that doing so will help protect the rights, property, or personal safety of Cally, any of our Users or customers, or any members of the general public.
Cally Subsidiaries and Affiliated Companies: We may share Personal Data internally within our group for the purposes outlined in this Privacy Policy. Moreover, if Cally or any of its subsidiaries or affiliates undergoes any change in control or ownership, including through merger, acquisition, or purchase of any of its assets, your Personal Data may be shared with the parties involved in such an event. If we anticipate that such change in control might materially affect your Personal Data stored with us, we will notify you of this event and the choices you may have via e-mail or prominent notice on our Service.
For clarification, Cally may share your Personal Data in additional manners, subject to your explicit approval, or if we are legally obliged to do so, or if we have successfully rendered such data non-personal and anonymous. We may transfer, share, or otherwise use non-personal data at our sole discretion and without further approval.
Our Sites and Service, including certain Service Providers, employ "cookies," anonymous identifiers, container tags, and other technologies to facilitate the provision of our Service, ensure its proper functioning, analyze our performance and marketing activities, and personalize your experience. These cookies and similar files or tags may also be temporarily stored on your device. Some of these cookies and technologies are designed to remember Personal Data, such as an IP address, previously provided by a User.
Please be aware that we do not alter our practices in response to a "Do Not Track" signal in the HTTP header from a browser or mobile application. However, most browsers offer options to manage cookies, including the ability to accept or reject them and instructions for their removal. You can configure most browsers to notify you upon receiving a cookie, or you may choose to block cookies entirely through your browser settings.
A comprehensive list of the cookies and pixels utilized in our Services can be accessed in the Cookie section of your browser while using our Services.
Our Sites and Service, including certain Service Providers, employ "cookies," anonymous identifiers, container tags, and other technologies to facilitate the provision of our Service, ensure its proper functioning, analyze our performance and marketing activities, and personalize your experience. These cookies and similar files or tags may also be temporarily stored on your device. Some of these cookies and technologies are designed to remember Personal Data, such as an IP address, previously provided by a User.
Service Communications: We may reach out to you with essential information concerning our Service. This could include notifications (via any available means) regarding updates or modifications to our Service, billing matters, alterations in service, login attempts, or password reset notifications. Additionally, our customers and other Users within the same account may also send you notifications, messages, and updates regarding their or your usage of the Service. However, please note that certain service communications essential to your usage, such as password resets or billing notices, cannot be opted out of.
Marketing Communications: We may also inform you about new features, supplementary offerings, events, special opportunities, or any other information we believe our Users will find valuable. These notifications may be delivered through any available contact methods (e.g., phone, mobile, or email), via the Service itself, or through our marketing campaigns on various sites or platforms. We may choose to send promotional emails only to specific Users on our mailing list, based on their known characteristics.
If you prefer not to receive marketing communications, you can inform Cally at any time by sending an email to privacy@cally.ai, adjusting your communication preferences in your settings, or by following the "unsubscribe," "stop," "opt-out," or "change email preferences" instructions included in the promotional communications you receive.
To safeguard the Personal Data entrusted to us, we implement industry-standard physical, procedural, and technical security measures, including encryption where suitable. Nonetheless, it's important to acknowledge that despite our security efforts, we cannot provide absolute assurance regarding the protection and security of any Personal Data stored with us or with any third parties, as outlined in Section 4 above.
If you wish to exercise your rights under applicable laws, such as the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) (to the extent they apply), including the right to request access to, rectification or erasure of your Personal Data held with Cally, or to restrict or object to the processing of such Personal Data, or to port such Personal Data, or the right to equal services and prices (to the extent available to you under the applicable laws) – please reach out to us via email at: contact@cally.one. We will endeavor to respond promptly and initiate the selection process within 72 hours upon authorization of deletion by the customer (if applicable) and validation of the user's identity. Please note that certain information may take up to 30 days to be deleted from our backup files. Additionally, certain information may not be anonymized or deleted if such deletion is not reasonably feasible given the system's architecture.
Upon contacting us via email, we may provide guidance on how to independently fulfill your request through your settings or may request additional information and documents, including certain Personal Data, to authenticate and validate your identity and process your request. Any additional data collected for this purpose will be retained by us for legal purposes (e.g., as evidence of the identity of the individual submitting the request), in accordance with Section 3 above.
If you have any requests or inquiries regarding Personal Data processed on behalf of our customers, please directly contact the customers themselves (as they act as the “Data Controller” of such data – refer to Section 9).
Certain data protection laws and regulations, such as the GDPR or the CCPA, commonly differentiate between two primary roles for parties involved in processing Personal Data: the “Data Controller” (or, under the CCPA, “business”), who determines the purposes and methods of processing; and the “Data Processor” (or, under the CCPA, “service provider”), who processes the data on behalf of the Data Controller (or business).
Cally acts as the “Data Controller” of Personal Data concerning its Visitors and other business contacts at our customers, as well as User Data comprising profile and contact details, usage data, preferences, engagement metrics, analytics data, and data acquired from the Solution, which we utilize to enhance our algorithms and develop superior services for our clients. In relation to such data, we bear the responsibilities of the Data Controller (solely to the extent mandated by law), as outlined in this Privacy Policy. In these instances, our Service Providers processing such data assume the role of “Data Processor”.
Any other Personal Data provided to our service will solely be processed by Cally on behalf of our customer, who is the proprietor of the corresponding account, in conjunction with all other User Data processed on behalf of such customer.
In such scenarios, our customer is considered the “Data Controller” of such data, and Cally processes such data on behalf of the customer as its “Data Processor”, in accordance with reasonable instructions and subject to applicable agreements with the customer. Cally’s Service Providers act as designated Sub-Processors in these cases. Our customer is responsible for fulfilling any legal obligations applicable to Data Controllers (such as establishing a legal basis for processing and addressing Data Subject Rights requests pertaining to the data they control).
Updates and Amendments: We reserve the right to periodically update and amend this Privacy Policy by posting a revised version on our Service. The revised version will become effective as of the date of publication. In the event of material changes to these Terms, we will notify our customers as appropriate under the circumstances, such as by displaying a prominent notice within the Service or sending an email. Your continued use of the Service following the implementation of such changes will indicate your acceptance of the revised terms.
External Links: Although our Service may include links to other websites or services, we do not assume responsibility for their privacy practices. We encourage you to exercise caution when leaving our Service for the website or application of third parties and to review the privacy policies of each website and service you visit. Please note that this Privacy Policy exclusively pertains to our Service.
Service for the website or application of such third parties, and to read the privacy policies of each and every website and service you visit. This Privacy Policy applies only to our Service.
Our Service is not intended for use by individuals under the age of 16: We do not knowingly collect Personal Data from children and do not seek to do so. If we become aware that a person under the age of 16 is utilizing the Service, we will take measures to prevent and block such usage and will make every effort to promptly delete any associated Personal Data stored by us. If you suspect that we may possess any such data, please contact us via email at contact@cally.one.
Questions, Concerns, or Complaints: If you have any comments or inquiries regarding our Privacy Policy, or if you have concerns regarding your Personal Data held by us, please reach out to us at contact@cally.one. If you are a GDPR-protected individual, you may also have the right to lodge a complaint with an EU supervisory authority.
5 May, 2024